-
Notifications
You must be signed in to change notification settings - Fork 891
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Failed to load OpenSSL provider "legacy": error:07880025:common libcrypto routines::reason(524325) #1596
Comments
I have the same problem with confluent-kafka-dotnet. I think the problem comes from librdkafka and their problematic linking of OpenSSL. C:\semaphore-agent is a folder on the agent that builds librdkafka. I don't know how to properly link/unlink the dependency, so I went around and provided OpenSSL where librdkafka wants it:
It finally works for me. It's dodgy, we shouldn't have to do that, but at least it works... |
Same issue with confluent-kafka-python >= 2.1.0 but not with version 2.0.2 Probably related to this specific change: https://github.com/confluentinc/librdkafka/pull/4234/files#diff-a52abbe34637fa09df7a73e3d805baa7392edeb32d7b0c4a85503d7d67a3b015L104-L108 Apparently, |
In OpenSSL 3 (3.9 at least), the legacy provider is not loaded by default. However, it is still there - we just need to enable it. We can do this using the OpenSSL configuration file. See https://github.com/openssl/openssl/blob/master/README-PROVIDERS.md EDIT: Ok, Kafka doesn't respect the way OpenSSL 3 is working. In my Docker container I now have,
But I still get the error,
What is going on? librdkafka should have this since v2. |
Description
I tried to create Kafka producer and got some exceptions.
Firstly I didn't use 'ssl.providers': 'default,legacy' in kafka_config and got:
cimpl.KafkaException: KafkaError{code=_INVALID_ARG,val=-186,str="Failed to create producer: Failed to parse ssl.keystore.location PKCS#12 file: C:\tools\kafka-keystore.p12: error:0308010C:digital envelope routines::unsupported: Global default library context, Algorithm (RC2-40-CBC : 0), Properties ()"}
After I read some posts, added 'ssl.providers' to config and got:
Windows explorer can't find folder C:\semaphore-agent. And I don't know why it use this path.
What can I do to fix and run it?
How to reproduce
Checklist
'debug': '..'
as necessary)The text was updated successfully, but these errors were encountered: